Apple Rejecting Apps Using Cookie-Tracking Methods, Signaling Push To Its Own Ad Identifier Technology Is Now Underway

0

Mobile app developers using a technology called “cookie tracking” (sometimes called “Safari flip-flop” or “HTML5 first party cookies”) are starting to have their apps rejected by Apple’s App Review team, we’ve heard from a few different industry sources. With this method in place, Safari is opened upon first launch in order to read a cookie that may exist from a user’s past interactions with ads. In terms of the user experience, it’s not ideal, but it is one that some app makers are utilizing as an alternative to the deprecated UDID – the unique device identifier that Apple first announced plans to phase out back in mid-2011.

The UDID, a 40-character string containing letters and numbers, allows developers and ad networks a way of collecting data about users. Though the UDID itself doesn’t contain personally identifiable information about the device’s owner, it can be used in combination with information collected by a third-party, including names, location, preferences, app usage and more, to paint a more complete picture of an individual.

Though Apple’s changes to UDID usage were announced in 2011, it wasn’t until early last year that the developer community really started to rally behind various alternatives following a wake of app rejections for apps still accessing the UDID technology.

Cookie tracking was one of those alternatives. It’s essentially a technology that’s a holdover from the desktop web era, where cookies have been used for some 15 years. On mobile, the process generally involves HTML5 local storage, because “mobile cookies” aren’t technically the same as those on the desktop. “Within local storage, an app developer can drop a token – an ID, if you will – and then retrieve it later. In this regard, it works like a cookie, so the industry frequently uses it and talks about it like it’s a cookie,” explains Craig Palli, VP of Business Development at mobile app marketing firm Fiksu, which works with developers on user acquisition efforts.

His firm has been hearing of the App Store rejections related to cookie tracking over the past few weeks, noting that it may be too early to say, definitively, whether or not this is something that will become more pervasive in time. Still, he thinks that it could be a case where Apple is signaling to the industry which direction it needs to be headed. And specifically, Apple likely wants developers to start transitioning to its own Ad Identifier technology.

The Advertising Identifier, as explained in Apple’s iOS 6 Settings (General –> About –> Advertising –> Limit Ad Tracking), states that “in the future, all advertising networks will be required to use the Advertising Identifier.”

In other words, Apple’s intention is that this method should eventually become the standard.

“There are definitely indicators of transition with regards to HTML5 tracking,” says Palli of the recent rejections. “It’s reasonable that it’s a transition to [Apple’s] method, and their view of what a proper user experience is…Perhaps they don’t think that a flipping motion is in keeping with that user experience, ” he adds, referring to the way these apps load Safari upon first launch.

From a user’s perspective, it’s hard to argue with Apple’s logic. It really is odd to launch an app then see Safari load before being sent back to the app’s user interface. It feels like something fishy is going on, even though the method isn’t really any more invasive than others. It’s just that it’s so in your face about it.

Though it’s been a long time since Apple announced the UDID would be deprecated, the company has apparently not yet been very strict on the enforcement of the transition away from or to its new methodologies. Palli says that there are still many apps that use UDID, while others use techniques like the cookie-tracking method, others that use digital fingerprinting and more. In fact, the community hasn’t really organized themselves around any one of these alternatives yet – usage is still across the board.

Palli points out that savvy marketers wouldn’t put all their eggs in one basket, so to speak, when it comes to which method they used. That being said, there are, at present, several large brands that have historically relied only on cookie tracking that will be affected by this change. And for those companies, well, says Palli, “they have some work cut out for them.”

In the under half-dozen rejections he’s personally aware of, some are big-name consumer brands with over a million downloads. TechCrunch knows that brands like Priceline and Hotels.com, for example, are two of the more well-known apps in this space which currently use this cookie tracking method. Neither appear to be affected at present, and they still showcase this type of behavior if you’re interested in seeing it firsthand.

Meanwhile, Oren Kaniel, CEO of mobile app measurement platform AppsFlyer was also among the first to spot the recent App Store rejections. He says he has also heard from both “a travel booking app and a large mobile ad agency,” that apps using cookie tracking are now actively being rejected during the review process. Kaniel notes, too, another reason why the behavior may be troublesome for Apple, saying that some analytics and tracking providers have been temporarily disabling the technology for the app review, then re-enabling it after approval.

A leader in the cookie-tracking method is Ad-X, which we’ve reached out to for comment as well, but haven’t yet heard back. (Time-zone differences may be involved, so we’ll update if they respond later on).*

Update, David Fieldhouse of Ad-X comments: “If Apple decide to ban apps operating a ‘safari flash’ on launch this will be a good move for the industry as it will quicken the take-up of industry wide identifiers (like IDFA). It will have no impact on the AD-X system or existing clients. We give clients the freedom to choose if they would like to use Cookie tracking or not. iOS tracking is complex and any provider that relies on one single method would not have an accurate or robust solution. Our system uses a broad range of methodologies – using cookies is only a very small part of the story and is a methodology we do not need to rely on. “